我正在尝试jhipster使用基于 token 的身份验证。它运行完美。
现在,我想在不同的域上运行后端和前端代码。我怎样才能做到这一点?
<小时/>这是我尝试过的:
运行
yo jhipster
并选择基于 token 的身份验证选项:Welcome to the JHipster Generator ? (1/13) What is the base name of your application? jhipster ? (2/13) What is your default Java package name? com.mycompany.myapp ? (3/13) Do you want to use Java 8? Yes (use Java 8) ? (4/13) Which *type* of authentication would you like to use? Token-based authentication (stateless, with a token) ? (5/13) Which *type* of database would you like to use? SQL (H2, MySQL, PostgreSQL) ? (6/13) Which *production* database would you like to use? MySQL ? (7/13) Which *development* database would you like to use? H2 in-memory with Web console ? (8/13) Do you want to use Hibernate 2nd level cache? Yes, with ehcache (local cache, for a single node) ? (9/13) Do you want to use clustered HTTP sessions? No ? (10/13) Do you want to use WebSockets? No ? (11/13) Would you like to use Maven or Gradle for building the backend? Maven (recommended) ? (12/13) Would you like to use Grunt or Gulp.js for building the frontend? Grunt (recommended) ? (13/13) Would you like to use the Compass CSS Authoring Framework? No ... I'm all done. Running bower install & npm install for you ^C
制作项目的两个副本,分别为
jhipster/backend
和jhipster/frontend
删除后端和前端不需要的文件
rm -rf backend/.bowerrc rm -rf backend/.jshintrc rm -rf backend/bower.json rm -rf backend/Gruntfile.js rm -rf backend/package.json rm -rf backend/src/main/webapp rm -rf backend/src/test/javascript rm -rf frontend/pom.xml rm -rf frontend/src/main/java rm -rf frontend/src/main/resources rm -rf frontend/src/test/gatling rm -rf frontend/src/test/java rm -rf frontend/src/test/resources
更改代码以完全删除后端/前端依赖性
前端/Gruntfile.js
... var parseVersionFromPomXml = function() { return '1.2.2.RELEASE'; }; ... browserSync: { ..., proxy: "localhost:8081" }
frontend/src/main/webapp/scripts/app/app.js
angular.module('jhipsterApp', [...]) .constant('API_URL', 'http://localhost:8080/') .run( ... )
frontend/src/main/webapp/scripts/**/*.service.js
angular.module('jhipsterApp').factory(..., API_URL) { return $http.post(API_URL + 'api/authenticate', ...); } angular.module('jhipsterApp').factory('Account', function Account($resource, API_URL) { return $resource(API_URL + 'api/account', {}, {...}); } // Make similar changes in all service files.
backend/pom.xml
删除 yeoman-maven-plugin
backend/src/main/java/com/mycompany/myapp/SimpleCORSFilter.java
// Copied from here: https://spring.io/guides/gs/rest-service-cors/ @Component public class SimpleCORSFilter implements Filter { public void doFilter(...) { ... response.setHeader("Access-Control-Allow-Origin", "*"); ... } }
运行
终端选项卡 #1:BACKEND
cd backend mvn spring-boot:run ... [INFO] com.mycompany.myapp.Application - Started Application in 11.529 seconds (JVM running for 12.079) [INFO] com.mycompany.myapp.Application - Access URLs: ---------------------------------------------------------- Local: http://127.0.0.1:8080 External: http://192.168.56.1:8080 ----------------------------------------------------------
终端选项卡 #2:FRONTEND
cd frontend/src/main/webapp npm install -g http-server http-server Starting up http-server, serving ./ on: http://0.0.0.0:8081 Hit CTRL-C to stop the server
终端选项卡 #3:GRUNT
cd frontend bower install npm install grunt serve ... [BS] Proxying: http://localhost:8081 [BS] Access URLs: ------------------------------------- Local: http://localhost:3000 External: http://10.34.16.128:3000 ------------------------------------- UI: http://localhost:3001 UI External: http://10.34.16.128:3001 -------------------------------------
浏览 http://localhost:3000/#/login
输入
用户名:密码
作为admin:admin
我们的BACKEND选项卡显示:
[DEBUG] com.mycompany.myapp.security.Http401UnauthorizedEntryPoint - Pre-authenticated entry point called. Rejecting access
显然,我做错了什么。它是什么?
最佳答案
当请求由于 CORS 失败时,后端没有可见的错误。 HTTP请求实际上成功了,但是在前端被javascript阻止了。 JS 控制台中将会出现类似这样的消息。
XMLHttpRequest cannot load http://localhost:8080/api/authenticate. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:9000' is therefore not allowed access.
您看到的错误消息实际上与身份验证有关。当您启用 CORS 时,您的 JS 将使用 HTTP OPTIONS 方法发送“飞行前”请求。 JHipster 未配置为全局允许 OPTIONS 方法。我自己在做你做的同样的事情时遇到了同样的问题。修复方法非常简单:只需将此行添加到紧邻第一个 antMatchers
条目之前的 com.mycompany.config.SecurityConfiguration
中即可。
.antMatchers(org.springframework.http.HttpMethod.OPTIONS, "/api/**").permitAll()
这将显式允许所有使用 OPTIONS 方法的请求。 OPTIONS 方法在 CORS 中用作读取所有 header 并查看 CORS 请求中允许哪些 HTTP 方法的方法。
最后,在您的 SimpleCORSFilter 类中,您还应该添加这些 header :
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "86400"); // 24 Hours
response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, x-auth-token");
关于java - 将jhipster后端和前端分成两个项目?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/53441823/